EXAMINER'S AMENDMENT 

An examiner's amendment to the record appears below. Should the changes and/or 
additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 
1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the 
payment of the issue fee. 

Authorization for this examiner's amendment, which begins on the following page, was 
given in a telephone interview with Thomas Lees on 5/15/2008. 



The application has been amended as follows: 
This listing of claims will replace all prior versions and listings of claims in this 
application: 

Listing of the Claims 

1. (Previously Presented) A method of impersonating a client to a plurality of servers, 
comprising: 

obtaining, by a middle tier server, a common nonce that is created based at least in 
part upon a pre-nonce contribution from each of a plurality of back-end servers, wherein 
the common nonce is generated from an entity other than the client that the middle tier 
server is to impersonate or the plurality of back-end servers that the middle tier server is 
to interact with on behalf of the client; 

receiving, by the middle tier server, a request from the client for a transaction with 
at least one of the plurality of back-end servers; 

providing the common nonce from the middle tier server to the client; 

receiving the common nonce signed by the client with the client's digital 
signature at the middle-tier server; and 

impersonating the client by the middle tier server interacting with a selected one 
of the plurality of back-end servers for implementation of the client request on behalf of 
the client by providing the signed common nonce and the client request from the middle 
tier server to at least one of the plurality of back-end servers so as to authenticate the 
client to the plurality of servers for implementation of the client request on behalf of the 
client. 

2. (Canceled) 

3. (Previously Presented) The method of Claim 1, wherein obtaining the common nonce 
comprises: 

obtaining the pre-nonce contributions from the plurality of servers; 
combining the pre-nonce contributions to provide a single pre-nonce token; and 
providing the common nonce based on the pre-nonce token. 
4. (Original) The method of Claim 3, wherein the step of providing the common nonce 
comprises reducing the pre-nonce token to provide the common nonce. 

5. (Original) The method of Claim 3, wherein the step of combining the pre-nonce 
contributions to provide a single pre-nonce token comprises concatenating the pre-nonce 
contributions. 

6. (Original) The method of Claim 4, wherein the step of reducing the pre-nonce token 
to provide the common nonce comprises the step of hashing the pre-nonce token utilizing 
a one-way hash function so as to provide the common nonce. 

7. (Original) The method of Claim 3, wherein the step of obtaining pre-nonce 
contributions comprises the steps of: 

requesting a pre-nonce contribution from each of the plurality of servers; and 
receiving the pre-nonce contributions from the plurality of servers. 

8. (Original) The method of Claim 7, wherein requesting a pre-nonce contribution 
comprises sending authenticated requests to the plurality of servers. 

9. (Original) The method of Claim 8, further comprising the step of encrypting the 
authenticated requests sent to the plurality of servers. 

10. (Original) The method of Claim 8, wherein the authenticated requests include at 
least one of an identification of a source of the request, a time stamp and a random 
number. 

11. (Original) The method of Claim 3, wherein the pre-nonce contributions include at 
least one of an identification of a server of the plurality of servers and a random number. 
12. (Original) The method of Claim 3, wherein the pre-nonce contributions are signed 
with a signature corresponding to a server from which the pre-nonce contribution was 
obtained, the method further comprising incorporating the signatures in the pre-nonce 
token. 

13. (Original) The method of Claim 3, wherein the pre-nonce contributions are signed 
with a signature corresponding to a server from which the pre-nonce contribution was 
obtained, the method further comprising authenticating the signatures of the pre-nonce 
contributions and rejecting pre-nonce contributions for which the digital signature is not 
authentic. 

14. (Original) The method of Claim 3, further comprising the steps of: 

receiving a transaction identification from a trusted server of the plurality of 
servers; and 

associating the transaction identification with the common nonce. 

15. (Original) The method of Claim 14, further comprising the step of tracking use of 
the common nonce based on the transaction identification. 

16. (Currently Amended) The method of Claim 3, further comprising the steps of: 

associating an expiration time with a pre-nonce contribution; and 

determining if the pre-nonce contribution has expired based on its associated 
expiration time. 

17. (Original) The method of Claim 16, further comprising the steps of: 

receiving the common nonce at a server of the plurality of servers; 

determining a pre-nonce contribution associated with the received common 
nonce; and 

accepting the received common nonce if the associated pre-nonce contribution has 
not expired. 
18. (Original) The method of Claim 3, wherein at least one of the plurality of servers 
carries out the steps of: 

receiving a client certificate; 

determining if the client certificate is trusted; and 

indicating that the client is not authenticated if the client certificate is not trusted. 

19. (Original) The method of Claim 3, wherein at least one of the plurality of servers 
carries out the steps of: 

receiving the signed common nonce and a client certificate; 

determining if the signature of the signed common nonce corresponds to a 
signature of the client certificate; and 

indicating that the client is not authenticated if the signature of the signed 
common nonce does not correspond to the signature of the client certificate. 

20. (Original) The method of Claim 6, wherein at least one of the plurality of servers 
carries out the steps of: 

receiving the signed common nonce, the common nonce and the pre-nonce token; 

hashing the received pre-nonce token; 

comparing the hashed pre-nonce token to the common nonce; 

indicating that the client is not authenticated if the hashed pre-nonce token is 
different from the common nonce. 

21. (Original) The method of Claim 11, wherein at least one of the plurality of servers 
carries out the steps of: 

receiving the pre-nonce token; 

determining if the pre-nonce token includes a random number associated with the 
at least one of the plurality of servers; and 

indicating that the client is not authenticated if the pre-nonce token does not 
include the random number associated with the at least one of the plurality of servers. 



Application/Control Number: 09/921,536 
Art Unit: 2131 



22. (Original) The method of Claim 21, wherein at least one of the plurality of servers 
carries out the steps of: 

associating an expiration with the random number associated with the at least one 
of the plurality of servers; and 

indicating that the client is not authenticated if the pre-nonce token does not 
include a random number associated with the at least one of the plurality of servers which 
has not expired. 

23. (Original) The method of Claim 1, wherein the step of obtaining a common nonce 
comprises the steps of: 

obtaining the common nonce from a party trusted by the middle-tier server and 
the plurality of servers, the common nonce being signed by the trusted party; and 

verifying the signature of the common nonce is the signature of the trusted party. 

24. (Original) The method of Claim 23, wherein at least one of the plurality of servers 
carries out the steps of: 

receiving a client certificate; 

determining if the client certificate is trusted; and 

indicating that the client is not authenticated if the client certificate is not trusted. 

25. (Original) The method of Claim 23, wherein at least one of the plurality of servers 
carries out the steps of: 

receiving the signed common nonce and a client certificate; 

determining if the signature of the signed common nonce corresponds to a 
signature of the client certificate; and 

indicating that the client is not authenticated if the signature of the signed 
common nonce does not correspond to the signature of the client certificate. 

26. (Canceled) 



27. (Canceled) 
28. (Canceled) 

29. (Canceled) 

30. (Canceled) 

31. (Canceled) 

32. (Canceled) 

33. (Previously Presented) The method according to claim 1, further comprising: 

combining the pre-nonce contributions from the plurality of back-end servers into 
a pre-nonce token; 

hashing the pre-nonce token by the middle-tier server to generate the common 
nonce; and 

providing the pre-nonce token to the selected one of the plurality of back-end 
servers; wherein: 

the selected back-end server hashes the pre-nonce token using the same hashing 
technique used by the middle tier server and compares it to the verified common nonce, 
thus authenticating both the client and the middle tier server to the selected back-end server. 
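
The token and nonce checks recited in claims 3 to 6 and 20 to 22, written out as an added Python example that is not part of the application or the office action. The length-prefixed encoding, SHA-256, 16-byte random numbers, 60-second lifetime and all names are assumptions; the client signature check of claim 19 is left out because it needs an asymmetric-crypto library.

```python
import hashlib
import hmac
import secrets

RAND_LEN = 16  # assumed size of each server's random number

def make_contribution(server_id: str) -> bytes:
    """Pre-nonce contribution: server identification plus a random number (claim 11)."""
    sid = server_id.encode()
    return bytes([len(sid)]) + sid + secrets.token_bytes(RAND_LEN)

def combine(contributions) -> bytes:
    """Claim 5: the pre-nonce token is the concatenation of the contributions."""
    return b"".join(contributions)

def common_nonce(token: bytes) -> bytes:
    """Claim 6: reduce the token with a one-way hash (SHA-256 assumed)."""
    return hashlib.sha256(token).digest()

def parse_token(token: bytes) -> dict:
    """Split a token into {server_id: random}; raise ValueError if malformed."""
    out, i = {}, 0
    while i < len(token):
        n = token[i]
        sid = token[i + 1:i + 1 + n]
        rand = token[i + 1 + n:i + 1 + n + RAND_LEN]
        if n == 0 or len(sid) != n or len(rand) != RAND_LEN:
            raise ValueError("malformed pre-nonce token")
        out[sid.decode()] = rand
        i += 1 + n + RAND_LEN
    return out

class BackEnd:
    def __init__(self, server_id: str, ttl: float = 60.0):
        self.server_id, self.ttl, self.issued = server_id, ttl, {}
    def contribute(self, now: float) -> bytes:
        c = make_contribution(self.server_id)
        self.issued[c[-RAND_LEN:]] = now + self.ttl  # expiry per random (claim 22)
        return c
    def verify(self, token: bytes, nonce: bytes, now: float) -> str:
        if not hmac.compare_digest(common_nonce(token), nonce):
            return "nonce-mismatch"          # claim 20
        try:
            mine = parse_token(token).get(self.server_id)
        except ValueError:
            return "malformed-token"
        expiry = self.issued.get(mine)
        if expiry is None:
            return "no-contribution"         # claim 21
        return "expired" if now > expiry else "ok"  # claim 22
```

Each back-end server accepts only a token whose hash equals the presented common nonce and that carries a random number it issued itself and has not yet expired, so a nonce built without its contribution is rejected.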

The following is an examiner's statement of reasons for allowance: While the prior art, 
namely Kaliski, Jr., provides teachings of a "common nonce" comprised of nonces from a 
plurality of servers, the prior art fails to teach or suggest the specific combination of limitations 
as claimed, which recites obtaining by a middle tier server, a common nonce that is created based 
at least in part upon a pre-nonce contribution from each of a plurality of back-end servers, 
wherein the common nonce is generated from an entity other than the client or the plurality of 
back-end servers, providing the common nonce from the middle tier server to the client, 
receiving the common nonce signed by the client at the middle tier server, and impersonating the 
client by the middle tier server. 

Any comments considered necessary by applicant must be submitted no later than the 
payment of the issue fee and, to avoid processing delays, should preferably accompany the issue 
fee. Such submissions should be clearly labeled "Comments on Statement of Reasons for 
Allowance." 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to MATTHEW T. HENNING whose telephone number is 
(571)272-3790. The examiner can normally be reached on M-F 8-4. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on (571) 272-3795. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/Matthew T Henning/ 
Art Unit 2131 
/Christopher A. Revak/ 
Primary Examiner, Art Unit 2131 



